- --
Viewing Issue Advanced Details
[ Jump to Notes ]
| ID | Category [?] | Severity [?] | Reproducibility | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 07538 | Misc. | Critical (emulator) | Always | Jan 7, 2020, 17:07 | Jun 23, 2021, 21:37 |
| Tester | Firewave | View Status | Public | Platform | MAME (Self-compiled) |
| Assigned To | Resolution | Fixed | OS | Windows 10 (64-bit) | |
| Status [?] | Resolved | Driver | |||
| Version | 0.217 | Fixed in Version | Build | 32-bit | |
| Fixed in Git Commit | Github Pull Request # | ||||
| Summary | 07538: all sets using Y8950: AddressSanitizer: new-delete-type-mismatch | ||||
| Description |
=================================================================
==26244==ERROR: AddressSanitizer: new-delete-type-mismatch on 0x21500100 in thread T0:
object passed to delete has wrong type:
size of the allocated type: 6016 bytes;
size of the deallocated type: 5888 bytes.
#0 0x1383189 in operator delete D:\agent\_work\s\src\vctools\crt\asan\llvm\compiler-rt\lib\asan\asan_new_delete.cc:172
#1 0x940ac72 in y8950_shutdown+0xa2 (s:\dev\mame0217\mame.exe+0x8d3ac72)
#2 0x8ca2a1f in y8950_device::device_stop+0x3f (s:\dev\mame0217\mame.exe+0x85d2a1f)
#3 0x62ff51e in device_t::stop+0xde (s:\dev\mame0217\mame.exe+0x5c2f51e)
#4 0x66adc0c in running_machine::stop_all_devices+0x23c (s:\dev\mame0217\mame.exe+0x5fddc0c)
#5 0x14008cf in delegate_mfp::method_stub<std::function<void __cdecl(void)>,void>+0x3f (s:\dev\mame0217\mame.exe+0xd308cf)
#6 0x66a7971 in running_machine::call_notifiers+0xe1 (s:\dev\mame0217\mame.exe+0x5fd7971)
#7 0x66abefe in running_machine::run+0x56e (s:\dev\mame0217\mame.exe+0x5fdbefe)
#8 0x75392fc in mame_machine_manager::execute+0x52c (s:\dev\mame0217\mame.exe+0x6e692fc)
#9 0x755b36a in cli_frontend::start_execution+0x56a (s:\dev\mame0217\mame.exe+0x6e8b36a)
#10 0x7553104 in cli_frontend::execute+0x174 (s:\dev\mame0217\mame.exe+0x6e83104)
#11 0x753a259 in emulator_info::start_frontend+0x59 (s:\dev\mame0217\mame.exe+0x6e6a259)
#12 0xa7f25be in main+0x43e (s:\dev\mame0217\mame.exe+0xa1225be)
#13 0xa598c9a in __scrt_common_main_seh d:\agent\_work\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
#14 0x75d36358 in BaseThreadInitThunk+0x18 (C:\WINDOWS\System32\KERNEL32.DLL+0x6b816358)
#15 0x779f7b73 in RtlGetAppContainerNamedObjectPath+0xe3 (C:\WINDOWS\SYSTEM32\ntdll.dll+0x4b2e7b73)
#16 0x779f7b43 in RtlGetAppContainerNamedObjectPath+0xb3 (C:\WINDOWS\SYSTEM32\ntdll.dll+0x4b2e7b43)
0x21500100 is located 0 bytes inside of 6016-byte region [0x21500100,0x21501880)
allocated by thread T0 here:
#0 0x1382e7d in operator new D:\agent\_work\s\src\vctools\crt\asan\llvm\compiler-rt\lib\asan\asan_new_delete.cc:99
#1 0x9405da9 in delegate_base<void>::late_bind_helper<`anonymous namespace'::FM_OPL>+0xa09 (s:\dev\mame0217\mame.exe+0x8d35da9)
#2 0x940a6d9 in y8950_init+0x19 (s:\dev\mame0217\mame.exe+0x8d3a6d9)
#3 0x8ca28bd in y8950_device::device_start+0x6d (s:\dev\mame0217\mame.exe+0x85d28bd)
#4 0x62ff127 in device_t::start+0x97 (s:\dev\mame0217\mame.exe+0x5c2f127)
#5 0x66ad879 in running_machine::start_all_devices+0x489 (s:\dev\mame0217\mame.exe+0x5fdd879)
#6 0x66ad287 in running_machine::start+0x807 (s:\dev\mame0217\mame.exe+0x5fdd287)
#7 0x66abb05 in running_machine::run+0x175 (s:\dev\mame0217\mame.exe+0x5fdbb05)
#8 0x75392fc in mame_machine_manager::execute+0x52c (s:\dev\mame0217\mame.exe+0x6e692fc)
#9 0x755b36a in cli_frontend::start_execution+0x56a (s:\dev\mame0217\mame.exe+0x6e8b36a)
#10 0x7553104 in cli_frontend::execute+0x174 (s:\dev\mame0217\mame.exe+0x6e83104)
#11 0x753a259 in emulator_info::start_frontend+0x59 (s:\dev\mame0217\mame.exe+0x6e6a259)
#12 0xa7f25be in main+0x43e (s:\dev\mame0217\mame.exe+0xa1225be)
#13 0xa598c9a in __scrt_common_main_seh d:\agent\_work\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
#14 0x75d36358 in BaseThreadInitThunk+0x18 (C:\WINDOWS\System32\KERNEL32.DLL+0x6b816358)
#15 0x779f7b73 in RtlGetAppContainerNamedObjectPath+0xe3 (C:\WINDOWS\SYSTEM32\ntdll.dll+0x4b2e7b73)
#16 0x779f7b43 in RtlGetAppContainerNamedObjectPath+0xb3 (C:\WINDOWS\SYSTEM32\ntdll.dll+0x4b2e7b43)
SUMMARY: AddressSanitizer: new-delete-type-mismatch D:\agent\_work\s\src\vctools\crt\asan\llvm\compiler-rt\lib\asan\asan_new_delete.cc:172 in operator delete
==26244==HINT: if you don't care about these errors you may set ASAN_OPTIONS=new_delete_type_mismatch=0
==26244==ABORTING
|
||||
| Steps To Reproduce | |||||
| Additional Information | |||||
| Github Commit | |||||
| Flags | |||||
| Regression Version | |||||
| Affected Sets / Systems | all sets using Y8950 | ||||
|
Attached Files
|
|||||
Relationships
| There are no relationship linked to this issue. |
Notes
2
 No.17324
Firewave Senior Tester
Jan 7, 2020, 17:08
|
The problem lies in FM_OPL::Create() which allocates a bigger amount of memory than is actually used for the object which is deleted in y8950_shutdown(). |
|---|---|
 No.19026
aaron Developer
Jun 23, 2021, 21:37
|
Code has since been completely rewritten. I don't think this is a valid issue anymore. |